The latter message about signature not being checked is expected, as the archive key is signed by two keys, but only one being in the Debian keyring at a given moment: 54FD2A58 is an old key that is going to be deprecated and replaced with A6AA8C72. You can thus also expect the last signature validation to differ depending on the Debian keyring version you use.

You may want to check the trust path from your key to the one that signed the archive key. Or you can choose to trust the Debian keyring.